User authentication is generally used by organizations to restrict access to data, services, or physical locations in order to ensure confidentiality, monitor user activities, and comply with applicable territorial rules and regulations. In one example, a user may be asked to provide authentication credentials by way of a passphrase, biometric information, a token, or the like, before being allowed access to a particular server or computing/network service. In another example, a user may be asked to provide the authentication credentials before being allowed to enter a secure physical area. Despite such authentication measures, instances of identity theft involving unauthorized users hacking into servers or spoofing credentials of authorized users have been increasing.